发布求助
文献互助 智能选刊 最新文献

Proceedings of the 8th International Conference on Security of Information and Networks最新文献

筛选
英文 中文
Protection from binary and multi-symbol packet length covert channels 保护二进制和多符号包长度隐蔽信道
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799994
A. Epishkina, K. Kogos
{"title":"Protection from binary and multi-symbol packet length covert channels","authors":"A. Epishkina, K. Kogos","doi":"10.1145/2799979.2799994","DOIUrl":"https://doi.org/10.1145/2799979.2799994","url":null,"abstract":"In this paper, we describe binary and multi-symbol packet length covert channels. Then we design a technique to estimate and limit their capacity. The method to choose parameters of counteraction tools is given, it takes into account an allowable value of covert channel capacity and error level. The novelty of the investigation undertaken is that the covert channel capacity is limited preliminary, whereas state of the art methods focus on detecting active IP covert channels.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"226 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123097790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Simulation user behavior on a security testbed using user behavior states graph 使用用户行为状态图在安全测试台上模拟用户行为
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799985
A. Amirkhanyan, Andrey Sapegin, Marian Gawron, Feng Cheng, C. Meinel
{"title":"Simulation user behavior on a security testbed using user behavior states graph","authors":"A. Amirkhanyan, Andrey Sapegin, Marian Gawron, Feng Cheng, C. Meinel","doi":"10.1145/2799979.2799985","DOIUrl":"https://doi.org/10.1145/2799979.2799985","url":null,"abstract":"For testing new methods of network security or new algorithms of security analytics, we need the experimental environments as well as the testing data which are much as possible similar to the real-world data. Therefore, the researchers are always trying to find the best approaches and recommendations of creating and simulating testbeds, because the issue of automation of the testbed creation is a crucial goal to accelerate research progress. One of the ways to generate data is simulate the user behavior on the virtual machines, but the challenge is how to describe what we want to simulate. In this paper, we present a new approach of describing user behavior for the simulation tool. This approach meets requirements of simplicity and extensibility. And it could be used for generating user behavior scenarios to simulate them on Windows-family virtual machines. The proposed approached is applied to our developed simulation tool that we use for solving a problem of the lack of data for research in network security and security analytics areas by generating log dataset that could be used for testing new methods of network security and new algorithms of security analytics.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134007632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Large-scale systems security evolution: control theory approach 大规模系统安全演化:控制理论方法
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799993
T. Stepanova, D. Zegzhda
{"title":"Large-scale systems security evolution: control theory approach","authors":"T. Stepanova, D. Zegzhda","doi":"10.1145/2799979.2799993","DOIUrl":"https://doi.org/10.1145/2799979.2799993","url":null,"abstract":"Rapidly expanding information technologies field clearly discovers tendency of increasing computer systems' heterogeneity and distribution level. In this paper authors reveal the hidden attributes of IT security evolution towards more assumptions about attacker power and less assertions on provided security level. The proposed view of IT security evolution makes it possible to classify security providing technologies in terms of control theory. This comparison, in turn, allows to borrow a rich theoretical framework of appropriate control theory methods (for non-linear, non-stationary, discrete-continuous automatic control systems) and adopt them for cyber security purposes. Moreover, proposed control theory view enables prediction of the future security evolution stages and allows to partially determine them.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133507842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
A new algorithm for unkeyed jam resistance 一种新的无键抗干扰算法
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800008
Hamid Hanifi, L. Baird, R. Thurimella
{"title":"A new algorithm for unkeyed jam resistance","authors":"Hamid Hanifi, L. Baird, R. Thurimella","doi":"10.1145/2799979.2800008","DOIUrl":"https://doi.org/10.1145/2799979.2800008","url":null,"abstract":"An important problem for secure communication is that of achieving jam resistance, without any prior shared secret between the sender and receiver, and without limits on the assumed computational power of the attacker. To date, only one system has been proposed for this, the BBC system, which is based on coding theory using codes derived from arbitrary hash functions. It is unfortunate that only one, narrow solution has been found for this important problem. We now propose a new algorithm for this problem: the HBT algorithm. It is very different from BBC, using codes based on monotone Boolean functions (MBF), rather than hash functions. It is also more general. We show that despite being very different from BBC, the latter can be viewed as a special case of it. In fact, a theorem proves that all such codes are special cases of this new system. We give empirical results suggesting that this new approach is useful, and describe directions for future research.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115718998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
A classification framework for distinct cyber-attacks based on occurrence patterns 基于发生模式的不同网络攻击分类框架
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800037
M. S. Awan, Mohammed A. Alghamdi, Sultan H. Almotiri, P. Burnap, O. Rana
{"title":"A classification framework for distinct cyber-attacks based on occurrence patterns","authors":"M. S. Awan, Mohammed A. Alghamdi, Sultan H. Almotiri, P. Burnap, O. Rana","doi":"10.1145/2799979.2800037","DOIUrl":"https://doi.org/10.1145/2799979.2800037","url":null,"abstract":"An increasingly mature, stealthy and dynamic techniques and attack vectors used by cyber criminals have made the critical network infrastructure more vulnerable to security breaches. Following 'Bring Your Own Device (BYOD)' policies and remote-work style of accessing network infra structure leaves the whole network vulnerable to new unknown malware, botnets, advanced persistent threats, coordinated attack patterns, etc., in addition to existing vulnerabilities inherent in software applications. Such an environment demands a network administrator to understand the nature and patterns of cyber-attacks targeting the network infra structure so that appropriate measures could be introduced. In this paper we propose a framework to classify cyber-attacks based on their pattern of occurrence. We validate the classification approach using real malicious traffic logs by focusing on: i) temporal behaviour of cyber-attacks; ii) correlation between cyber-attacks; and iii) targeted software applications.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121608669","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
sandFOX: secure sandboxed and isolated environment for firefox browser sandFOX: firefox浏览器的安全沙盒和隔离环境
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800000
Anil Saini, M. Gaur, V. Laxmi, P. Nanda
{"title":"sandFOX: secure sandboxed and isolated environment for firefox browser","authors":"Anil Saini, M. Gaur, V. Laxmi, P. Nanda","doi":"10.1145/2799979.2800000","DOIUrl":"https://doi.org/10.1145/2799979.2800000","url":null,"abstract":"Browser functionalities can be widely extended by browser extensions. One of the key features that makes browser extensions so powerful is that they run with \"high\" privileges. As a consequence, a vulnerable or malicious extension might expose browser, and operating system (OS) resources to possible attacks such as privilege escalation, information stealing, and session hijacking. The resources are referred as browser as well as OS components accessed through browser extension such as accessing information on the web application, executing arbitrary processes, and even access files from a host file system. This paper presents sandFOX (secure sandbox and iso- lated environment), a client-side browser policies for constructing sandbox environment. sandFOX allows the browser extension to express fine-grained OS specific security policies that are enforced at runtime. In particular, our proposed policies provide the protection to OS resources (e.g., host file system, network and processes) from the browser attacks. We use Security-Enhanced Linux (SELinux) to tune OS and build a sandbox that helps in reducing potential damage from attacks on the OS resources. To show the practicality of sandFOX in a range of settings, we compute the effectiveness of sandFOX for various browser attacks on OS resources. We also show that sandFOX enabled browser experiences low overhead on loading pages and utilizes negligible memory when running with sandbox environment.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"114 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117310043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Application of cluster analysis for the assessment of the share of fraud victims among bank card holders 应用聚类分析评估银行卡持卡人中诈骗受害者的比例
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800033
S. Alkhasov, Alexander Tselykh, A. Tselykh
{"title":"Application of cluster analysis for the assessment of the share of fraud victims among bank card holders","authors":"S. Alkhasov, Alexander Tselykh, A. Tselykh","doi":"10.1145/2799979.2800033","DOIUrl":"https://doi.org/10.1145/2799979.2800033","url":null,"abstract":"In this paper, we present a method for the assessment of the share of cardholders most prone to various types of bank fraud (i.e. fishing, vishing, skimming). For this purpose, a forecasting information system has been designed. It is based on a clustering module used for output of a certain set of cluster indices that depend on the percentage of aggrieved clients in the training sample. The k-means method is used for clustering. The initial coordinates of centroids are defined using advanced k-means++ algorithm.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"62 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114003515","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Improved trust based key management for end-to-end secure communication in cellular networks 蜂窝网络中端到端安全通信改进的基于信任的密钥管理
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800014
Naila Mukhtar, M. S. Baig, L. A. Khan
{"title":"Improved trust based key management for end-to-end secure communication in cellular networks","authors":"Naila Mukhtar, M. S. Baig, L. A. Khan","doi":"10.1145/2799979.2800014","DOIUrl":"https://doi.org/10.1145/2799979.2800014","url":null,"abstract":"Use of mobile phones has tremendously increased over last two decades. Common man's life revolves around the usage of cell phones from payment of bills to secure conversation with family and friends. End-To-End Security is an important concern for such security critical applications with focus on key management. We have presented a model based on Web-of-trust style key management, with server involvement for mobile devices in cellular network environment. Our introduced server has some additive roles and responsibilities, which will help in efficient public key management by using the cellular network service. As public key cryptographic operations are computationally intensive, so proposed scheme is tested on mobile device for processing capability.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131115442","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Problems of data protection in industrial corporations enterprise architecture 工业企业架构中的数据保护问题
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800032
V. Glukhov, I. Ilin, A. Anisiforov
{"title":"Problems of data protection in industrial corporations enterprise architecture","authors":"V. Glukhov, I. Ilin, A. Anisiforov","doi":"10.1145/2799979.2800032","DOIUrl":"https://doi.org/10.1145/2799979.2800032","url":null,"abstract":"The paper investigates and analyzes problems of data protection in industrial corporations at all stages of the life cycle of its architecture. The basic risks and threats of information security are shown up, covering all layers of the enterprise architecture, which must be taken into account when building the security architecture. Also those threats of information security are investigated which are difficult to prevent through a variety of means and methods of special protection.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131872260","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Record linkage applications in health services research: opportunities and challenges 记录链接在卫生服务研究中的应用:机遇与挑战
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799983
R. Thurimella, Rinku Dewri, William Mitchell
{"title":"Record linkage applications in health services research: opportunities and challenges","authors":"R. Thurimella, Rinku Dewri, William Mitchell","doi":"10.1145/2799979.2799983","DOIUrl":"https://doi.org/10.1145/2799979.2799983","url":null,"abstract":"When aggregating medical data for research, it is necessary to link data on the same person, but from different sources. Linking enables a researcher to conduct longitudinal studies. Typically such linking can be accomplished by using personal identifying information, such as names, birthdates, addresses, and national or local identifying codes, though occasionally this method does not work because of incompleteness or inaccuracies in the data. For research, the Health Insurance Portability and Accountability Act (HIPAA) privacy rules severely restrict researcher access to identifiers. Therefore, an important research problem is how to link data from a geographic region whose data sources have significant overlap in the actual patients included. In this talk, I describe various challenges and opportunities that exist while tackling this problem.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"200 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133254102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信